Re: DNSChanger Mac specific virus

Jim WalterSymantec has posted a description for what they are calling OSX.Exploit.Launchd. The PoC code is still being investigated, but it appears to exploit the recently patched vulnerability in launchd (CVE-2006-1471). This vulnerability was patched in Mac OS X Update 10.4.7. The exploit code was reported to milw0rm by Kevin Finisterre.